Original Article Text

CISA warns agencies of fourth flaw used in Triangulation spyware attacks.

The U.S. Cybersecurity and Infrastructure Security Agency has added to its Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Apple, Adobe, Apache, D-Link, and Joomla.

The Known Exploited Vulnerabilities catalog, or KEV for short, contains security issues that have been actively exploited in the wild. It is a valuable resource for organizations across the globe in the vulnerability management and prioritization process.

"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," reads CISA's notice.

CISA has given federal agencies until January 29 to patch the six actively exploited flaws or stop using the vulnerable products.

The six vulnerabilities highlighted this time are the following:

Some of the listed flaws have been leveraged in attacks that were disclosed only recently. For example, CVE-2023-41990 was used in the ‘Operation Triangulation’ campaign, active since 2019 and discovered only in June 2023 by Kaspersky when some of its researchers' devices were infected. This is the last in the set of four vulnerabilities a threat actor exploited to bypass security measures in iPhones belonging to several targets around the world, including Europe.

CVE-2023-38203 and CVE-2023-29300 have been leveraged by hackers since mid-2023, after security researchers demonstrated that the vendor's patches could be bypassed.

For others, like CVE-2023-27524, proof-of-concept (PoC) exploits were released last September, laying the ground for widespread exploitation by malicious actors.

Organizations and federal agencies are urged to check their assets for the above flaws and other vulnerabilities listed in the KEV catalog, and to apply the available security updates or mitigation steps as required.

Daily Brief Summary

NATION STATE ACTIVITY // CISA Alerts on Exploited Vulnerabilities Linked to Spyware Campaign

CISA has updated the Known Exploited Vulnerabilities catalog with six flaws found in products from companies like Apple, Adobe, and Apache.

The listed vulnerabilities have been actively exploited, with agencies directed to patch or cease using vulnerable products by January 29.

One notable vulnerability, CVE-2023-41990, was used in the ‘Operation Triangulation’ spyware campaign that has targeted iPhones since 2019.

Other vulnerabilities, such as CVE-2023-38203 and CVE-2023-29300, saw hackers exploiting bypasses of the vendor's patches.

CVE-2023-27524 had proof-of-concept exploits made public in September, increasing its risk of exploitation.

Federal agencies must audit their systems for these vulnerabilities and apply necessary patches or countermeasures promptly.